Rezultaty skanu uzupełniającego Farbar Recovery Scan Tool (x64) Wersja: 12-03-2023
Uruchomiony przez aandr (13-03-2023 15:14:12)
Uruchomiony z C:\Users\aandr\Downloads
Microsoft Windows 11 Home Wersja 22H2 22621.1344 (X64) (2022-10-05 08:37:23)
Tryb startu: Normal
==========================================================

==================== Konta użytkowników: =============================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

aandr (S-1-5-21-1917826487-3454705426-1309254147-1001 - Administrator - Enabled) => C:\Users\aandr
Administrator (S-1-5-21-1917826487-3454705426-1309254147-500 - Administrator - Disabled)
Gość (S-1-5-21-1917826487-3454705426-1309254147-501 - Limited - Disabled)
Konto domyślne (S-1-5-21-1917826487-3454705426-1309254147-503 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1917826487-3454705426-1309254147-504 - Limited - Disabled)

==================== Centrum zabezpieczeń ========================

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Arcabit (Enabled - Up to date) {922AA872-BA6C-4D98-98D3-5A1C55ADC635}
FW: Arcabit (Enabled) {AA112957-F003-4CC0-B38C-F329AB7E814E}

==================== Zainstalowane programy ======================

(W fixlist dozwolone tylko załączanie programów adware z flagą "Hidden" w celu ich uwidocznienia. Programy adware powinny zostać w poprawny sposób odinstalowane.)

{c56a5ad6-4c48-4532-a5a4-f030a9f90f29} (HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\{c56a5ad6-4c48-4532-a5a4-f030a9f90f29}) (Version: - South Editor Ltd.)
7-Zip 22.01 (x64) (HKLM\...\7-Zip) (Version: 22.01 - Igor Pavlov) ABBYY FineReader PDF 15 (HKLM\...\{F15000FE-0001-6400-0000-074957833700}) (Version: 15.0.4684 - ABBYY Production LLC) Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.1.102.64 - Adobe Systems Incorporated) AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 5.02.19.2221 - Advanced Micro Devices, Inc.) AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.90 - Advanced Micro Devices, Inc.) Hidden AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.22.0.0 - Advanced Micro Devices, Inc.) Hidden AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 22.Q4 - Advanced Micro Devices, Inc.) AMD_Chipset_Drivers (HKLM-x32\...\{260a52b1-dc81-4e22-b58d-5dd3b57a7b65}) (Version: 5.02.19.2221 - Advanced Micro Devices, Inc.) Hidden AOC G-Menu (HKLM\...\{177B7213-4D12-49AD-9746-C532580D6D52}) (Version: 1.2.003 - Portrait Displays, Inc.) 
Aplikacje Microsoft 365 dla przedsiębiorstw - pl-pl (HKLM\...\O365ProPlusRetail - pl-pl) (Version: 16.0.16130.20218 - Microsoft Corporation) aSc TimeTables (HKLM-x32\...\aScTimeTables) (Version: 2020 - aSc Applied Software Consultants s.r.o) Bloody7 (HKLM-x32\...\Bloody3) (Version: 20.12.0006 - Bloody) CSGO Demos Manager version 2.13.15 (HKLM-x32\...\{2CC5723B-69A1-4B82-AA32-34968284F9C3}_is1) (Version: 2.13.15 - AkiVer) DFUDriverSetupX64Setup (HKLM-x32\...\{D662C345-04FD-4F6C-AB68-B9BC6D6A5D2F}) (Version: 7.0.32822.0 - GN Netcom A/S) Hidden Discord (HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\Discord) (Version: 1.0.9006 - Discord Inc.) Epic Games Launcher (HKLM-x32\...\{9BDC8B60-A7CD-4554-B66A-C5FFC1E1437C}) (Version: 1.1.279.0 - Epic Games, Inc.) Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden Epic Online Services (HKLM-x32\...\{19695986-25CE-41AC-9C6F-54794653EDBA}) (Version: 2.0.36.0 - Epic Games, Inc.) FACEIT (HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\FACEIT) (Version: 1.31.7 - FACEIT Ltd.) 
FACEIT Anti-Cheat (HKLM\...\{1419E44C-0EF4-4822-9194-9F1A4D43973D}_is1) (Version: 2.0 - FACEIT LTD) FIFA 22 (HKLM-x32\...\{67F7ABF6-2557-4756-923A-AB99086B1490}) (Version: 1.0.77.45722 - Electronic Arts) GOG.com Heroes of Might and Magic 3 (HKLM\...\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb) (Version: - ) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 111.0.5563.64 - Google LLC) Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 71.0.3.0 - Google LLC) Google Keep (HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\5575c08499ab753086aa0fc88dcb725c) (Version: 1.0 - Google\Chrome) Heroes of Might and Magic® III: Horn of the Abyss (HKLM-x32\...\HotA + HD_is1) (Version: 1.6.1 - HotA Crew) IPFilter 3.0.2.9-beta (HKLM-x32\...\{5E5CAB9E-1996-4AD0-9662-730F337E353F}) (Version: 3.0.2 - David Moore) Jabra Direct (HKLM-x32\...\{69FE915F-9E9D-4057-81AA-3C7132A8C89D}) (Version: 6.5.31801 - GN Audio A/S) Hidden Jabra Direct (HKLM-x32\...\{e0708549-0a9a-4555-aa81-8596101c32ac}) (Version: 6.5.31801 - GN Audio A/S) KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - ) Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) 
Hidden Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 110.0.1587.69 - Microsoft Corporation) Microsoft OneDrive (HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\OneDriveSetup.exe) (Version: 23.043.0226.0001 - Microsoft Corporation) Microsoft Teams (HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\Teams) (Version: 1.5.00.28361 - Microsoft Corporation) Microsoft Update Health Tools (HKLM\...\{EF9EBC42-6969-45CE-A8D2-B9249B00C838}) (Version: 5.69.0.0 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum 
Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (HKLM-x32\...\{B175520C-86A2-35A7-8619-86DC379688B9}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (HKLM-x32\...\{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}) (Version: 11.0.61030 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{8e24fb65-31aa-446d-9c3e-35c5e11cb367}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation) Hidden Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation) Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29913 (HKLM-x32\...\{03d1453c-7d5c-479c-afea-8482f406e036}) (Version: 14.28.29913.0 - Microsoft Corporation) Microsoft Visual C++ 2019 X64 Additional Runtime 
- 14.29.30133 (HKLM\...\{E699E009-1C3C-4E50-9B57-2B39F0954C7F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30133 (HKLM\...\{6CD9E9ED-906D-4196-8DC3-F987D2F6615F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29913 (HKLM-x32\...\{572DCD10-CF2E-43D1-8151-8BD9AC9086D0}) (Version: 14.28.29913 - Microsoft Corporation) Hidden Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29913 (HKLM-x32\...\{6236EBBD-F50F-40B3-B819-8DB0C608308C}) (Version: 14.28.29913 - Microsoft Corporation) Hidden Microsoft Visual Studio Code (User) (HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\{771FD6B0-FA20-440A-A002-3B3BAC16DC50}_is1) (Version: 1.74.3 - Microsoft Corporation) Microsoft Visual Studio Installer (HKLM\...\{6F320B93-EE3C-4826-85E0-ADF79F8D4C61}) (Version: 3.4.2246.31370 - Microsoft Corporation) MSI Afterburner 4.6.2 (HKLM-x32\...\Afterburner) (Version: 4.6.2 - MSI Co., LTD) NapiProjekt (2.2.0.2399) (HKLM-x32\...\NapiProjekt_is1) (Version: - ) NordUpdater (HKLM\...\{6E35DB82-3D19-4DD6-B8CB-F082815FDE18}_is1) (Version: 1.3.0.160 - Nord Security) NordVPN (HKLM\...\{19465C24-3D5D-4327-B99F-3CC0A1D38151}_is1) (Version: 7.4.7.0 - Nord Security) NordVPN network TAP (HKLM-x32\...\{97DEC5D6-2BE9-45BB-BFC5-274B851B486B}) (Version: 1.0.1 - NordVPN) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 8.4.7 - Notepad++ Team) Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden Office 16 Click-to-Run Localization 
Component (HKLM-x32\...\{90160000-008C-0415-0000-0000000FF1CE}) (Version: 16.0.16130.20218 - Microsoft Corporation) Hidden Oracle VM VirtualBox 6.1.38 (HKLM\...\{62A30AE6-8596-4C61-A5B8-1C3B45C25C72}) (Version: 6.1.38 - Oracle Corporation) Origin (HKLM-x32\...\Origin) (Version: 10.5.119.52718 - Electronic Arts, Inc.) Plan lekcji (HKLM-x32\...\PlanLekcjiInst) (Version: - ) Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden qBittorrent (HKLM-x32\...\qBittorrent) (Version: 4.5.0 - The qBittorrent project) Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9336.1 - Realtek Semiconductor Corp.) Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 11.10.0720.2022 - Realtek) RivaTuner Statistics Server 7.2.3 (HKLM-x32\...\RTSS) (Version: 7.2.3 - Unwinder) Rockstar Games Launcher (HKLM-x32\...\Rockstar Games Launcher) (Version: 1.0.67.1178 - Rockstar Games) Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 2.1.6.5 - Rockstar Games) SharePoint Client Components (HKLM\...\{95150004-1163-0409-1000-0000000FF1CE}) (Version: 15.0.4711.1001 - Microsoft Corporation) Spotify (HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\Spotify) (Version: 1.1.95.893.g6cf4d40c - Spotify AB) Sprawdzanie kondycji komputera z systemem Windows (HKLM\...\{41E85393-7ED3-4C54-AC25-51F8CDF39CDF}) (Version: 3.6.2204.08001 - Microsoft Corporation) Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation) SumatraPDF (HKLM\...\SumatraPDF) (Version: 3.2 - Krzysztof Kowalczyk) SumatraPDF (HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\SumatraPDF) (Version: 3.4.6 - Krzysztof Kowalczyk) Środowisko uruchomieniowe Microsoft Edge WebView2 (HKLM-x32\...\Microsoft EdgeWebView) (Version: 110.0.1587.69 - Microsoft Corporation) Teams Machine-Wide Installer 
(HKLM-x32\...\{731F6BAA-A986-45A4-8936-7C3AAAAA760B}) (Version: 1.5.0.8070 - Microsoft Corporation) TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.5.6 - TeamSpeak Systems GmbH) Ubisoft Connect (HKLM-x32\...\Uplay) (Version: 113.0 - Ubisoft) VLC media player (HKLM\...\VLC media player) (Version: 3.0.18 - VideoLAN) War Thunder Launcher 1.0.3.248 (HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - Gaijin Entertainment) Windows Subsystem for Linux Update (HKLM\...\{36EF257E-21D5-44F7-8451-07923A8C465E}) (Version: 5.10.16 - Microsoft Corporation) Packages: ========= AMD Radeon Software -> C:\Program Files\AMD\CNext\CNext [2023-03-13] (0) Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_2.5.15.0_neutral__yxz26nhyzhsrt [2023-01-17] (Microsoft Corp.) Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_1790.13.81.0_x64__8xx8rvfyw5nnt [2023-02-24] (Meta) [Startup Task] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2022-05-31] (Microsoft Corporation) [MS Ad] Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2022-05-31] (Microsoft Corporation) [MS Ad] Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.39.0_x64__8wekyb3d8bbwe [2023-01-04] (Microsoft Corp.) ms-resource://MicrosoftCorporationII.QuickAssist/resources/APP_WINDOW_NAME -> C:\Program Files\WindowsApps\MicrosoftCorporationII.QuickAssist_2.0.19.0_x64__8wekyb3d8bbwe [2023-03-06] (Microsoft Corp.) 
ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.AV1VideoExtension_1.1.52851.0_x64__8wekyb3d8bbwe [2022-12-06] (Microsoft Corporation) ms-resource:AppStoreName -> C:\Program Files\WindowsApps\Microsoft.RawImageExtension_2.1.40041.0_x64__8wekyb3d8bbwe [2023-01-25] (Microsoft Corporation) ms-resource:AppxManifest_DisplayName -> C:\Windows\SystemApps\Microsoft.Windows.PrintQueueActionCenter_cw5n1h2txyewy [2022-10-05] (Microsoft Corporation) ms-resource:ProductPkgDisplayName -> C:\WINDOWS\SystemApps\MicrosoftWindows.Client.Core_cw5n1h2txyewy [2023-03-04] (ms-resource:ProductPublisherDisplayName) Netflix -> C:\Program Files\WindowsApps\4DF9E0F8.Netflix_6.98.1805.0_x64__mcm4njqhnhss8 [2022-02-15] (Netflix, Inc.) Pulpit zdalny Microsoft -> C:\Program Files\WindowsApps\Microsoft.RemoteDesktop_10.2.3000.0_x64__8wekyb3d8bbwe [2022-09-19] (Microsoft Corporation) Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.25.247.0_x64__dt26b99r8h8gj [2023-02-15] (Realtek Semiconductor Corp) Solitaire & Casual Games -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.15.12020.0_x64__8wekyb3d8bbwe [2022-12-14] (Microsoft Studios) [MS Ad] Ubuntu 20.04.5 LTS -> C:\Program Files\WindowsApps\CanonicalGroupLimited.Ubuntu20.04LTS_2004.5.11.0_x64__79rhkp1fndgsc [2022-09-18] (Canonical Group Limited) WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x64__8wekyb3d8bbwe [2023-02-23] (Microsoft Corporation) WindowsAppRuntime.1.2 -> C:\Program Files\WindowsApps\Microsoft.WindowsAppRuntime.1.2_2000.777.2143.0_x86__8wekyb3d8bbwe [2023-02-23] (Microsoft Corporation) ==================== Niestandardowe rejestracje CLSID (filtrowane): ============== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) 
CustomCLSID: HKU\S-1-5-21-1917826487-3454705426-1309254147-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\aandr\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.22234.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation) CustomCLSID: HKU\S-1-5-21-1917826487-3454705426-1309254147-1001_Classes\CLSID\{B2AF1C4B-EC70-7845-12F2-7EB2690D3085}\InprocServer32 -> C:\Program Files (x86)\Common Files\System\ole32.dll => Brak pliku CustomCLSID: HKU\S-1-5-21-1917826487-3454705426-1309254147-1001_Classes\CLSID\{D3E34B21-9D75-101A-8C3D-00AA001A1652}\localserver32 -> C:\Program Files\WindowsApps\Microsoft.Paint_11.2301.22.0_x64__8wekyb3d8bbwe\PaintApp\mspaint.exe () [Brak podpisu cyfrowego] ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-03-04] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-03-04] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-03-04] (Google LLC -> Google, Inc.) ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-03-04] (Google LLC -> Google, Inc.) 
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Brak podpisu cyfrowego] ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2022-09-03] (Notepad++ -> ) ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-03-04] (Google LLC -> Google, Inc.) ContextMenuHandlers1: [FineReader15ContextMenu] -> {53339754-4DD1-438B-8D24-0D0730F1A591} => D:\Program Files (x86)\ABBYY FineReader 15\x64\FRIntegration.x64.dll [2020-09-09] (ABBYY Production LLC -> ABBYY Production LLC.) ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Brak podpisu cyfrowego] ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-03-04] (Google LLC -> Google, Inc.) ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => -> Brak pliku ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\71.0.3.0\drivefsext.dll [2023-03-04] (Google LLC -> Google, Inc.) ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2022-07-15] (Igor Pavlov) [Brak podpisu cyfrowego] ContextMenuHandlers6: [FineReader15ContextMenu] -> {53339754-4DD1-438B-8D24-0D0730F1A591} => D:\Program Files (x86)\ABBYY FineReader 15\x64\FRIntegration.x64.dll [2020-09-09] (ABBYY Production LLC -> ABBYY Production LLC.) ==================== Codecs (filtrowane) ==================== (Załączenie wejścia w fixlist spowoduje usunięcie obiektu z rejestru lub przywrócenie jego domyślnej postaci. Powiązany plik nie zostanie przeniesiony.) 
HKLM\...\Drivers32: [VIDC.RTV1] => C:\WINDOWS\system32\rtvcvfw64.dll [246272 2012-09-28] () [Brak podpisu cyfrowego] HKLM\...\Drivers32: [VIDC.RTV1] => C:\Windows\SysWOW64\rtvcvfw32.dll [247296 2012-09-28] () [Brak podpisu cyfrowego] HKLM\...\Drivers32: [vidc.VP60] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com) HKLM\...\Drivers32: [vidc.VP61] => C:\Windows\SysWOW64\vp6vfw.dll [447752 2014-09-16] (Electronic Arts -> On2.com) ==================== Skróty & WMI ======================== (Wybrane wejścia mogą zostać załączone w celu ich zresetowania lub usunięcia.) Shortcut: C:\Users\aandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Plan lekcji\Rejestracja.lnk -> hxxp://rejestracja.librus.pl ShortcutWithArgument: C:\Users\aandr\Desktop\programs\Google Keep.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=eilembjdkfgodjkcjnpgpaenohkicgjd ShortcutWithArgument: C:\Users\aandr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikacje Chrome\Google Keep.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=eilembjdkfgodjkcjnpgpaenohkicgjd ==================== Załadowane moduły (filtrowane) ============= 2023-02-09 20:51 - 2022-04-13 18:36 - 001282048 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Brak podpisu cyfrowego] D:\Program Files (x86)\Origin\LIBEAY32.dll 2023-02-09 20:51 - 2022-04-13 18:36 - 000279040 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [Brak podpisu cyfrowego] D:\Program Files (x86)\Origin\ssleay32.dll 2023-02-09 20:51 - 2022-04-13 18:36 - 001611264 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] D:\Program Files (x86)\Origin\platforms\qwindows.dll 2023-02-09 20:51 - 2022-04-13 18:36 - 005487104 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] D:\Program Files (x86)\Origin\Qt5Core.dll 2023-02-09 20:51 - 2022-04-13 18:36 - 005841920 _____ 
(The Qt Company Ltd) [Brak podpisu cyfrowego] D:\Program Files (x86)\Origin\Qt5Gui.dll 2023-02-09 20:51 - 2022-04-13 18:36 - 001179136 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] D:\Program Files (x86)\Origin\Qt5Network.dll 2023-02-09 20:51 - 2022-04-13 18:36 - 000146432 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] D:\Program Files (x86)\Origin\Qt5WebSockets.dll 2023-02-09 20:51 - 2022-04-13 18:36 - 005089792 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] D:\Program Files (x86)\Origin\Qt5Widgets.dll 2023-02-09 20:51 - 2022-04-13 18:36 - 000184832 _____ (The Qt Company Ltd) [Brak podpisu cyfrowego] D:\Program Files (x86)\Origin\Qt5Xml.dll ==================== Alternate Data Streams (filtrowane) ======== ==================== Tryb awaryjny (filtrowane) ================== (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Wartość "AlternateShell" zostanie przywrócona.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HidSpiCx.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TextInputManagementService => ""="Service" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => ""="Memory" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{5099944A-F6B9-4057-A056-8C550228544C} => "SafeBootDrivers"="1" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HidSpiCx.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TextInputManagementService => ""="Service" ==================== Powiązania plików (filtrowane) ================= ==================== Internet Explorer (filtrowane) ========== BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2023-02-05] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files 
(x86)\Microsoft Office\root\Office16\OCHelper.dll [2023-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-03-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2023-03-04] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts - zawartość: =========================

(Użycie dyrektywy Hosts: w fixlist spowoduje reset pliku Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2022-07-30 16:41 - 2023-02-23 13:00 - 000000444 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
172.20.208.1 DESKTOP-SE3F40D.mshome.net # 2028 2 2 22 12 0 35 945

==================== Inne obszary ===========================

(Obecnie brak automatycznej naprawy dla tej sekcji.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Falcon\MinGW\bin;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\aandr\Downloads\undercover_dog-wallpaper-2560x1080.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Zapora systemu Windows [funkcja włączona]

Network Binding:
=============
Ethernet: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 2: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet 2: NordVPN LightWeight Firewall -> NordLwf (enabled)
Ethernet 3: VirtualBox NDIS6 Bridged Networking Driver -> oracle_VBoxNetLwf (enabled)
Ethernet 3: NordVPN LightWeight Firewall -> NordLwf (enabled)

==================== MSCONFIG/TASK MANAGER - Wyłączone elementy ==

(Załączenie wejścia w fixlist spowoduje jego usunięcie.)
HKLM\...\StartupApproved\Run32: => "Live Update" HKLM\...\StartupApproved\Run32: => "TeamsMachineInstaller" HKLM\...\StartupApproved\Run32: => "WidgetPodatnikInfo" HKLM\...\StartupApproved\Run32: => "Jabra Direct" HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\StartupApproved\Run: => "Steam" HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\StartupApproved\Run: => "GamerLink" HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\StartupApproved\Run: => "Gaijin.Net Updater" HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\StartupApproved\Run: => "ProductAuthenticationService" HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning" HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_0161A854AD8EBB4DB3F7D07CA14F66CD" HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\StartupApproved\Run: => "FACEIT" HKU\S-1-5-21-1917826487-3454705426-1309254147-1001\...\StartupApproved\Run: => "Discord" ==================== Reguły Zapory systemu Windows (filtrowane) ================ (Załączenie wejścia w fixlist spowoduje jego usunięcie z rejestru. Powiązany plik nie zostanie przeniesiony, o ile nie zostanie załączony z osobna.) FirewallRules: [TCP Query User{8A26F128-8374-4144-BDE1-D0B5A4570399}D:\program files (x86)\steam\steam.exe] => (Allow) D:\program files (x86)\steam\steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [UDP Query User{CB605075-944F-4469-B639-50E5E8370399}D:\program files (x86)\steam\steam.exe] => (Allow) D:\program files (x86)\steam\steam.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{5E45E8E0-0C33-479F-8D1C-F10E59E9EB5B}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation) FirewallRules: [{4DBC5C56-454B-4BA6-8E4D-B12FDD9851C7}] => (Allow) D:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. 
-> Valve Corporation)
FirewallRules: [TCP Query User{D08CE1B8-035B-4836-948F-0E51D0C405BD}D:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [UDP Query User{BDEB0258-FF06-4873-ABD3-6106530588D6}D:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\war thunder\win64\aces.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{CEB0D6B5-345C-483C-9672-17A6B8D8245F}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe () [Brak podpisu cyfrowego]
FirewallRules: [{6AE69914-45EE-4E99-9ABF-7FCD68859D38}] => (Allow) C:\Program Files (x86)\NapiProjekt\napisy.exe () [Brak podpisu cyfrowego]
FirewallRules: [TCP Query User{367EE9A4-072A-4528-968A-A2D83701EB2C}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{8378BDF0-4209-4078-A48C-6834FF85DB5A}C:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{F7538B87-D54F-49B9-9516-EDFD2E271E41}D:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [UDP Query User{30DF0D27-187C-48DA-A115-EFD2A4F80046}D:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe] => (Allow) D:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo.exe (Valve Corp. -> )
FirewallRules: [TCP Query User{FC159640-E8CE-45D3-8FFA-22D18F584D0F}C:\program files\windowsapps\microsoftteams_22227.300.1508.3394_x64__8wekyb3d8bbwe\msteams.exe] => (Allow) C:\program files\windowsapps\microsoftteams_22227.300.1508.3394_x64__8wekyb3d8bbwe\msteams.exe => Brak pliku
FirewallRules: [UDP Query User{D92CB124-6196-400B-8134-8205A7F6682C}C:\program files\windowsapps\microsoftteams_22227.300.1508.3394_x64__8wekyb3d8bbwe\msteams.exe] => (Allow) C:\program files\windowsapps\microsoftteams_22227.300.1508.3394_x64__8wekyb3d8bbwe\msteams.exe => Brak pliku
FirewallRules: [{0A395AFA-22B1-4979-9C1D-AF073F8B4141}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\War Thunder\eac_wt_mlauncher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{E3EED8CB-7D9F-4A9B-8E1C-A496C4C50D80}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\War Thunder\eac_wt_mlauncher.exe (Gaijin Network LTD -> Gaijin Entertainment)
FirewallRules: [{34FEDD7A-5DAC-48CB-B30B-393278B2FD6B}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{D411626D-4EBB-4470-B218-0A15F01E22E9}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\War Thunder\launcher.exe (Gaijin Network LTD -> Gaijin)
FirewallRules: [{7B4F9397-092D-44AD-9036-530F1F30BBA0}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2423BCB3-AB63-4265-A84A-DF2366EB1C69}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D3B014A5-9B65-4BC2-9B1F-0034296D140B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4389C906-FA4D-404F-9786-49BBD7CF186B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{17CBA13C-640C-433A-87E4-A2C3D8214E3B}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1979C507-5DB2-450D-A093-87C004EF0234}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22260.203.1605.4995_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E2BD6066-A0F3-4889-97A1-DB458BADFA51}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_22260.203.1605.4995_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E7964601-CE12-4475-96A8-F190C61C9DDE}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [{BF8008F5-04BF-4B61-9774-DC6ECE903777}] => (Allow) D:\Program Files (x86)\Steam\steamapps\common\Sid Meier's Civilization VI\2KLauncher\LauncherPatcher.exe (Take-Two Interactive Software, Inc. -> Take-Two Interactive Software, Inc.)
FirewallRules: [TCP Query User{25595B84-E4F6-4C2B-A882-1795793CBACD}D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [UDP Query User{1B514BB3-E2A6-48AD-8E1D-61D528E309B0}D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe] => (Allow) D:\program files (x86)\epic games\launcher\engine\binaries\win64\epicwebhelper.exe (Epic Games Inc. -> Epic Games, Inc.)
FirewallRules: [TCP Query User{7115844F-0E43-456E-9D10-4376A83632E4}C:\users\aandr\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\aandr\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{78431919-1149-48C9-89FB-04EE6BDA46AB}C:\users\aandr\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\aandr\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{9235FF82-F0E7-4A99-B6FD-3D3E4F1D016D}D:\program files\epic games\reddeadredemption2\rdr2.exe] => (Allow) D:\program files\epic games\reddeadredemption2\rdr2.exe => Brak pliku
FirewallRules: [UDP Query User{0B8E2571-744F-4FE7-94D6-329AE0901BB0}D:\program files\epic games\reddeadredemption2\rdr2.exe] => (Allow) D:\program files\epic games\reddeadredemption2\rdr2.exe => Brak pliku
FirewallRules: [TCP Query User{10609FB6-F9E9-4D49-AA0C-5B64AAF0D0AA}D:\program files\epic games\gtav\gta5.exe] => (Allow) D:\program files\epic games\gtav\gta5.exe => Brak pliku
FirewallRules: [UDP Query User{8CE5F1D9-CDAE-4D7A-8046-BC0981A8F9DA}D:\program files\epic games\gtav\gta5.exe] => (Allow) D:\program files\epic games\gtav\gta5.exe => Brak pliku
FirewallRules: [TCP Query User{B799E285-C27C-4C2D-B439-0B6C255880FF}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [UDP Query User{9FB46291-61B1-4AE7-99F0-345749F8777C}C:\program files\videolan\vlc\vlc.exe] => (Allow) C:\program files\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{072309EE-3CB6-4494-927B-86591285D8E7}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Brak podpisu cyfrowego]
FirewallRules: [{405A23A6-C713-42A0-B342-7931EBD2B5A6}] => (Allow) C:\Program Files\qBittorrent\qbittorrent.exe (The qBittorrent Project) [Brak podpisu cyfrowego]
FirewallRules: [TCP Query User{1B472C27-CE83-45F2-A19D-06776E23E4E2}D:\program files (x86)\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Allow) D:\program files (x86)\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe (Warner Bros. Interactive) [Brak podpisu cyfrowego]
FirewallRules: [UDP Query User{7DBF8C60-C13B-4B37-A669-C981878346F3}D:\program files (x86)\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe] => (Allow) D:\program files (x86)\hogwarts legacy\phoenix\binaries\win64\hogwartslegacy.exe (Warner Bros. Interactive) [Brak podpisu cyfrowego]
FirewallRules: [{BB9152AC-52BC-40DD-8158-CA574C0B871D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{58FA34F5-9869-4C38-BC6B-F7EC8E3DE6E7}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9B19FDF6-9898-43A8-845A-818DD63B6A67}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0EF0832F-80F1-475C-9D3A-F1AF1EB51E5D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.94.3428.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{2C52A7BE-79F9-40EC-9FA9-7C99D942FF99}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{EA228F73-A072-466C-8FAD-621D8ECD496E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\110.0.1587.69\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{CA74471B-33B0-4BFB-8355-B4A2DDD4B6C7}C:\g-menu\g-menu.exe] => (Allow) C:\g-menu\g-menu.exe => Brak pliku
FirewallRules: [UDP Query User{EC3E985F-2F16-4672-A72E-78FCFEE3F100}C:\g-menu\g-menu.exe] => (Allow) C:\g-menu\g-menu.exe => Brak pliku
FirewallRules: [TCP Query User{B4B24047-BF7E-48E6-BB16-7FF8FA2FB6ED}C:\g-menu\resources\bin\g_menu.exe] => (Allow) C:\g-menu\resources\bin\g_menu.exe => Brak pliku
FirewallRules: [UDP Query User{3A56A613-BCE2-4A46-AFA1-BC62441FE880}C:\g-menu\resources\bin\g_menu.exe] => (Allow) C:\g-menu\resources\bin\g_menu.exe => Brak pliku

==================== Punkty Przywracania systemu =========================

==================== Wadliwe urządzenia w Menedżerze urządzeń ============

==================== Błędy w Dzienniku zdarzeń: ========================

Dziennik Aplikacja:
==================
Error: (03/13/2023 02:54:36 PM) (Source: CertEnroll) (EventID: 86) (User: ZARZĄDZANIE NT)
Description: Inicjowanie rejestracji certyfikatu SCEP dla elementu WORKGROUP\DESKTOP-SE3F40D$ za pośrednictwem elementu https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep nie powiodło się:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Mon, 13 Mar 2023 13:54:35 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 5b57ff34-f893-4eb6-ac1c-1c926ab36ffc
Metoda: GET(265ms)
Etap: GetCACaps
Nieznaleziony (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (03/13/2023 02:54:35 PM) (Source: CertEnroll) (EventID: 86) (User: ZARZĄDZANIE NT)
Description: Inicjowanie rejestracji certyfikatu SCEP dla elementu System lokalny za pośrednictwem elementu https://AMD-KeyId-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net/templates/Aik/scep nie powiodło się:
GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-907d65e9b562315997dd5ad086b2b7598957b92c.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Mon, 13 Mar 2023 13:54:35 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 244f99e9-b2fb-4baa-b9a2-224918ac5b9b
Metoda: GET(344ms)
Etap: GetCACaps
Nieznaleziony (404). 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Dziennik System:
=============
Error: (03/13/2023 02:54:37 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: W lokalnym adapterze Bluetooth wystąpił nieokreślony błąd. Adapter nie będzie używany. Sterownik został usunięty z pamięci.

Windows Defender:
================
Date: 2023-03-12 20:26:36
Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {46F096A1-A309-4A3D-B308-955D9550DBEB}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM

Date: 2023-03-11 13:28:30
Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {0781DF4E-5E62-4B2A-A2BC-2A8571498A2E}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM

Date: 2023-03-09 23:05:04
Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {250EAC7C-08BB-43B3-96AF-BA6383548E1B}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM

Date: 2023-03-06 09:29:40
Description: Skanowanie produktu Program antywirusowy Microsoft Defender zostało zatrzymane przed ukończeniem.
Identyfikator skanowania: {4C63BFD5-9CD2-4114-94DF-F42A72B15735}
Typ skanowania: Narzędzia chroniące przed złośliwym oprogramowaniem
Parametry skanowania: Szybkie skanowanie
Użytkownik: ZARZĄDZANIE NT\SYSTEM

Date: 2023-03-05 01:58:31
Description: Produkt Program antywirusowy Microsoft Defender wykrył złośliwe oprogramowanie lub inne potencjalnie niechciane oprogramowanie.
Aby uzyskać więcej informacji, zobacz: https://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:Win32/Sabsik.FL.B!ml&threatid=2147780203&enterprise=0
Nazwa: Trojan:Win32/Sabsik.FL.B!ml
Identyfikator: 2147780203
Ważność: Poważny
Kategoria: Koń trojański
Ścieżka: file:_F:\Setup.exe
Pochodzenie wykrycia: Komputer lokalny
Typ wykrycia: Konkretne
Źródło wykrycia: Ochrona w czasie rzeczywistym
Użytkownik: DESKTOP-SE3F40D\aandr
Nazwa procesu: C:\Windows\explorer.exe
Wersja analizy zabezpieczeń: AV: 1.383.1039.0, AS: 1.383.1039.0, NIS: 1.383.1039.0
Wersja aparatu: AM: 1.1.20000.2, NIS: 1.1.20000.2

CodeIntegrity:
===============
Date: 2023-03-13 11:24:04
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2302.3-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-03-06 12:52:38
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\fcon.dll because the set of per-page image hashes could not be found on the system.

Date: 2023-03-06 09:40:26
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2301.6-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2023-03-05 01:42:56
Description: Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\ImmersiveControlPanel\SystemSettings.exe) attempted to load \Device\HarddiskVolume3\Program Files\Google\Drive File Stream\71.0.3.0\crashpad_handler.exe that did not meet the Microsoft signing level requirements.

==================== Statystyki pamięci ===========================

BIOS: American Megatrends International, LLC. H.G0 07/26/2022
Płyta główna: Micro-Star International Co., Ltd B450 GAMING PLUS MAX (MS-7B86)
Procesor: AMD Ryzen 5 3600 6-Core Processor
Procent pamięci w użyciu: 40%
Całkowita pamięć fizyczna: 16309.58 MB
Dostępna pamięć fizyczna: 9720.35 MB
Całkowita pamięć wirtualna: 22709.58 MB
Dostępna pamięć wirtualna: 12068.17 MB

==================== Dyski ================================

Drive c: () (Fixed) (Total:77.45 GB) (Free:16.43 GB) (Model: ADATA SX8200PNP) NTFS
Drive d: (others) (Fixed) (Total:875.74 GB) (Free:312.21 GB) (Model: ADATA SX8200PNP) NTFS
Drive g: (Google Drive) (Fixed) (Total:15 GB) (Free:3.38 GB) (Model: ADATA SX8200PNP) FAT32

\\?\Volume{c4d42b51-b27e-4f8b-8820-f0c037cc90cb}\ () (Fixed) (Total:0.56 GB) (Free:0.05 GB) NTFS
\\?\Volume{9e5e2dd7-9d52-4a71-accd-30bf36f10c05}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Tablica partycji ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 953.9 GB) (Disk ID: 00000000)
Partition: GPT.

==================== Koniec Addition.txt =======================